Vulnerability in the Oracle Banking Corporate Lending component of Oracle Financial Services Applications (subcomponent: Core module). Supported versions that are affected are 12.3.0 and 12.4.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Banking Corporate Lending. Successful attacks of this vulnerability can result in takeover of Oracle Banking Corporate Lending. CVSS 3.0 Base Score 8.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H).
History

Thu, 03 Oct 2024 21:30:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}


cve-icon MITRE

Status: PUBLISHED

Assigner: oracle

Published: 2018-01-18T02:00:00

Updated: 2024-10-03T20:28:16.660Z

Reserved: 2017-12-15T00:00:00

Link: CVE-2018-2706

cve-icon Vulnrichment

Updated: 2024-08-05T04:29:44.091Z

cve-icon NVD

Status : Modified

Published: 2018-01-18T02:29:24.180

Modified: 2024-11-21T04:04:17.627

Link: CVE-2018-2706

cve-icon Redhat

No data.